04c2cb44e8267bb86000b879e8a49e2fce35cbc67e80be197cbf7be826466c1b

Sharing

Copy URL

Twitter E-mail

General

Target

04c2cb44e8267bb86000b879e8a49e2fce35cbc67e80be197cbf7be826466c1b
Size

354KB
MD5

83c845c6db38173c8e7c61b6af20ebc7
SHA1

f63900d57e7fb9767bcbd1bcb5d9e6b50d78273a
SHA256

04c2cb44e8267bb86000b879e8a49e2fce35cbc67e80be197cbf7be826466c1b
SHA512

ee40e0bdb83c41d56a3a9d6fcc458be16d88c8a73aa6fd61994418c9e598209cef06e0c34d3c2a539baf627d41f8803a4ccdff5e206a9ad2ed153c3feadf9812
SSDEEP

6144:EssRK9bhOaVcY8r1hbeyZ3L8ysbx4kkcD5P2ArIS0Koa+888888888888W88888k:/9b4DYghbeyZ3Ebx4kkgTrIjKoa+888r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04c2cb44e8267bb86000b879e8a49e2fce35cbc67e80be197cbf7be826466c1b

Files

04c2cb44e8267bb86000b879e8a49e2fce35cbc67e80be197cbf7be826466c1b
.exe windows:5 windows x86 arch:x86

6902f77f05edf1510e445ca43f2203a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDrives
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNumberFormatW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalMemoryStatusEx
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
GetFileInformationByHandle
LoadLibraryW
LoadResource
LocalAlloc
LocalFree
LockResource
MapViewOfFile
MoveFileExW
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
RaiseException
ReadConsoleInputA
ReadConsoleW
ReadFile
ReleaseMutex
RemoveDirectoryW
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrcatW
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenA
lstrlenW
GetFileAttributesA
GetFileAttributesW
GetFileAttributesExW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentStringsW
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceExW
GetDateFormatW
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetConsoleMode
GetConsoleCP
GetCommandLineW
GetCPInfo
GetACP
FreeResource
FreeLibrary
FreeEnvironmentStringsW
FormatMessageW
FlushInstructionCache
AreFileApisANSI
FlushFileBuffers
FlushConsoleInputBuffer
FindResourceW
FindNextFileW
FindFirstFileW
FindFirstFileExW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
ExitThread
ExitProcess
EnumSystemLanguageGroupsW
EnumLanguageGroupLocalesW
EnterCriticalSection
EncodePointer
DeviceIoControl
DeleteFileW
DeleteCriticalSection
DecodePointer
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateEventW
CreateDirectoryW
CopyFileW
CopyFileExW
CompareStringW
CloseHandle
LoadLibraryExW

user32

IsDialogMessageW
IsDlgButtonChecked
IsIconic
IsRectEmpty
IsWinEventHookInstalled
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
KillTimer
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxW
MonitorFromWindow
MsgWaitForMultipleObjects
NotifyWinEvent
OffsetRect
PeekMessageA
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassExW
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollWindowEx
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetCapture
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetRect
SetRectEmpty
SetScrollInfo
SetScrollPos
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
IsChild
WindowFromPoint
GetSysColor
GetScrollInfo
GetProcessWindowStation
GetParent
GetMonitorInfoW
GetLastActivePopup
GetKeyState
GetIconInfo
GetGUIThreadInfo
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetCursor
GetComboBoxInfo
GetClientRect
GetClassNameW
GetClassLongW
GetClassInfoExW
GetCapture
GetAncestor
GetActiveWindow
FillRect
EqualRect
EnumWindows
EnumChildWindows
EndPaint
EndDialog
EnableWindow
DrawTextW
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxIndirectParamW
DestroyWindow
DestroyIcon
DestroyCursor
DefWindowProcW
CreateWindowExW
CreateDialogIndirectParamW
CopyRect
CheckDlgButton
CharUpperA
CharNextW
CallWindowProcW
CallNextHookEx
BeginPaint
AttachThreadInput
InvalidateRgn
InvalidateRect
IntersectRect
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowLongW
GetWindowDC
AdjustWindowRectEx
AnimateWindow
GetWindow
GetUserObjectInformationW
WaitForInputIdle
GetSystemMetrics
DrawStateW

gdi32

CreateDIBitmap
CreateFontIndirectW
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
EnumFontFamiliesExW
ExcludeClipRect
ExtTextOutW
GdiFlush
GetClipBox
GetClipRgn
GetDIBits
GetDeviceCaps
GetLayout
GetMapMode
GetObjectW
GetPixel
GetStockObject
GetStretchBltMode
GetTextExtentExPointW
GetTextExtentPoint32W
CreateDIBSection
GetTextMetricsW
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LPtoDP
OffsetRgn
OffsetWindowOrgEx
RectVisible
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetDIBits
SetLayout
SetMapMode
SetRectRgn
SetStretchBltMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
StretchBlt
TranslateCharsetInfo
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
CombineRgn
GetTextExtentPointW
BitBlt

advapi32

RegQueryValueExW
RegOpenKeyW

shell32

SHGetFileInfoW
ShellExecuteExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetDesktopFolder
ShellExecuteW
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDListW

ole32

CoTaskMemRealloc
CoUninitialize
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
StringFromGUID2
CoTaskMemAlloc
CoInitialize
CoDisconnectObject
CoCreateInstance
CoCreateGuid
CLSIDFromString
CoTaskMemFree

shlwapi

StrStrW
StrCmpIW
StrCmpW

comctl32

ImageList_DrawIndirect
ImageList_GetIconSize

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6902f77f05edf1510e445ca43f2203a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

comctl32

Sections

.text Size: 209KB - Virtual size: 209KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 89KB - Virtual size: 89KB

.text
Size: 209KB - Virtual size: 209KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 89KB - Virtual size: 89KB